wf-recorder: new package
wf-recorder is a utility program for screen recording
of wlroots-based compositors (more specifically, those
that support wlr-screencopy-v1 and xdg-output).
Its dependencies are ffmpeg, wayland-client and
wayland-protocols.
py-cbor2: updated to 5.9.0
5.9.0 (2026-03-22)
- Added the ``max_depth`` decoder parameter to limit the maximum allowed nesting level of
containers, with a default value of 400 levels (CVE-2026-26209)
- Changed the default ``read_size`` from 4096 to 1 for backwards compatibility.
The buffered reads introduced in 5.8.0 could cause issues when code needs to
access the stream position after decoding. Users can opt-in to faster decoding
by passing ``read_size=4096`` when they don't need to access the stream directly
after decoding. Added a direct read path for ``read_size=1`` to avoid buffer
management overhead.
- Fixed C encoder not respecting string referencing when encoding string-type datetimes (tag 0)
- Fixed a missed check for an exception in the C implementation of ``CBOREncoder.encode_shared()``
- Fixed two reference/memory leaks in the C extension's long string decoder
- Fixed C decoder ignoring the ``str_errors`` setting when decoding strings, and improved
string decoding performance by using stack allocation for small strings and eliminating
unnecessary conditionals. Benchmarks show 9-17% faster deserialization.
py-hypothesis: updated to 6.152.1
6.152.1 - 2026-04-14
Improve some internal type hints.
6.152.0 - 2026-04-14
Hypothesis generally recommends that the .hypothesis directory not be checked into version control. As a result, Hypothesis now automatically creates a .gitignore with * in the .hypothesis directory, which excludes it from being tracked by git.
If you do want to check .hypothesis into git, you can remove the .gitignore file. Hypothesis will not re-create it unless the entire .hypothesis directory is removed.
wev: new package
wev opens an xdg-shell toplevel on the default
Wayland display (via the WAYLAND_DISPLAY
environment variable), then prints events
associated with that display.
wvkbd: new package
This project aims to deliver a minimal but practically
usable implementation of a wlroots on-screen keyboard
in legible C. This will only be a keyboard, not a
feedback buzzer, led blinker, or anything that requires
more than what's needed to input text quickly.
libarchive: updated to 3.8.7
Libarchive 3.8.7 is a security and bugfix release.
Notable fixes:
CAB: fix NULL pointer dereference during skip
CAB: Fix Heap OOB Write in CAB LZX decoder
cpio: various fixes and improvements
contrib/untar: fix out-of-bounds read
iso9660: fix undefined behavior
iso9660: fix posibble heap buffer overflow on 32-bit systems
libarchive: fix handling of option failures
libarchive: do not continue with truncated numbers
libarchive: lzop and grzip filter support
RAR: fix LZSS window size mismatch after PPMd block
